Whonix

editor's review

download

specifications

changelog

Whonix is an open source Linux operating system built around the popular Tor anonymity network software and based on the well known Debian GNU/Linux distribution. It allows users to install a secure, general purpose and anonymous Linux-based operating system that runs entirely in the VirtualBox virtualization software. It is distributed as gateway and workstation editions.

It's distributed as OVA files

The developers doesn’t provide regular ISO images for their Linux distribution. Instead, only OVA (Open Virtualization Format) files are available for download, which can be imported into the VirtualBox application. To import the OVA file, you will need to go to the File menu and select the Import Appliance option. Next, you will be able to browse to the location where you saved the OVA file and import it (the import process will take a long time, because the application needs to create a new disk image).

Provides various attractive features

It is important to know that before you import the OVA file, VirtualBox will ask you to change various settings. Do not change anything on this step, just click the Import button. After importing, you can fire up the Whonix virtual machine as you normally start your other VMs. The system provides various attractive features, such as anonymous IRC, anonymous publishing, and anonymous email through TorBirdy and Mozilla Thunderbird. It allows users to add a proxy behind Tor, torify almost any application, and circumvent censorship.

Supports only the 32-bit architecture

Whonix also supports DNSSEC (Domain Name System Security Extensions) over Tor, encrypted DNS, full IP/DNS protocol leak protection, and transparent proxy. Additionally, user will be able to tunnel Freenet, I2P, JonDonym, Proxy, Retroshare, SSH, UDP and VPN through Tor, as well as to enforce Tor. It supports only the 32-bit (486/686) architecture. The Workstation edition uses the KDE desktop environment and include open source applications like the Iceweasel web browser, XChat IRC, Tor Browser, and many more.

Modding Whonix, extending Whonix, such as installing a different desktop environment is now much simpler, because Whonix has been split into smaller packages https://github.com/Whonix/Whonix/issues/40. Therefore also understanding Whonix internals got simpler.

added experimental libvirt (kvm, qemu) support

Breaking change: Changed Whonix-Gateway internal IP address to 10.152.152.10 and netmask to 255.255.192.0 to avoid conflicts, such as with real networks when using physical isolation and to aid KVM users.

Breaking change: Changed Whonix-Workstation internal IP address to 10.152.152.11, netmask to 255.255.192.0 and gateway to 10.152.152.10 to avoid conflicts, such as with real networks when using physical isolation and to aid KVM users.